IN THE CLAIMS: 

1 . (Currently amended) A method for authenticating LDAP referral searches that 
are generated responsive to a client receiving referrals from at least one directory server , 
comprising: 

receiving a bind request from a LDAP referred search request; 

searching the a local directory of a server for an entry corresponding to the 
distinguished name (DN) of the bind request; 

authenticating the bind request if an entry for the bind DN is located within the 
local directory of the server ; 

checking a defined reference server for the prefix of the bind DN, if the bind DN 
is not found within the local directory of the server ; 

contacting the reference server for authentication, if the prefix of the bind DN is 
located on the reference serve r, wherein the reference server is contacted by the server ; 
and 

denying the bind request if both the local directory and the reference server do not 
contain an entry corresponding to the bind DN. 

2. (Currently amended) The method according to claim 1, wherein the defined 
reference server contains: 

root DN's; and 

server location , to enable access by the client to the defined reference server 
without requiring a physical client account to reside on the defined reference server . 

3. (Currently amended) A computer program product in a computer readable 
medium for use in a data processing system, for authenticating LDAP referral searches 
that are generated responsive to a client receiving referrals from at least one directory 
server , the computer program product comprising: 

instructions for receiving a bind request from a LDAP referred search request; 
instructions for searching the a local directory of a server for an entry 
corresponding to the distinguished name (DN) of the bind request; 
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instructions for authenticating the bind request if an entry for the bind DN is 
located within the local directory of the server ; 

instructions for checking a defined reference server for the prefix of the bind DN, 
if the bind DN is not found within the local directory of the server ; 

instructions for contacting the reference server for authentication, if the prefix of 
the bind DN is located on the reference serve r, wherein the reference server is contacted 
by the server ; and 

instructions for denying the bind request if both the local directory and the 
reference server do not contain an entry corresponding to the bind DN. 

4. (Currently amended) The computer program product according to claim 3, 
wherein the defined reference server contains: 

root DN's; and 

server location , to enable access by the client to the defined reference server 
without requiring a physical client account to reside on the defined reference server . 

5. (Currently amended) A system for authenticating LDAP referral searches that are 
generated responsive to a client receiving referrals from at least one directory server , 
comprising: 

means for receiving a bind request from a LDAP referred search request; 

means for searching the a local directory of a server for an entry corresponding to 
the distinguished name (DN) of the bind request; 

means for authenticating the bind request if an entry for the bind DN is located 
within the local directory of the server ; 

means for checking a defined reference server for the prefix of the bind DN, if the 
bind DN is not found within the local directory of the server ; 

means for contacting the reference server for authentication, if the prefix of the 
bind DN is located on the reference serve r, wherein the reference server is contacted by 
the server ; and 

means for denying the bind request if both the local directory and the reference 
server do not contain an entry corresponding to the bind DN. 
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6. (Currently amended) The system according to claim 5, wherein the defined 
reference server contains: 

Root root DN's; and 

server location , to enable access by the client to the defined reference server 
without requiring a physical client account to reside on the defined reference server . 
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